From: "Loren M. Lang"
To: Danial Thom
Cc: "Loren M. Lang", Yance Kowara, Ted Mittelstaedt, freebsd-questions@freebsd.org
Subject: Re: FreeBSD router two DSL connections
Date: Sat, 31 Dec 2005 18:31:04 -0800
Message-ID: <20060101023104.GA31327@alzatex.com>
In-Reply-To: <20051221175537.24640.qmail@web33310.mail.mud.yahoo.com>

On Wed, Dec 21, 2005 at 09:55:37AM -0800, Danial Thom wrote:
>
> --- "Loren M. Lang" wrote:
>
> > On Sun, Dec 11, 2005 at 11:28:17PM -0800, Ted Mittelstaedt wrote:
> > >
> > > If both DSL lines go to the same ISP it is easy, run
> > > PPP on them and set up multilink PPP. The ISP has to
> > > do so also.
> > >
> > > If they are going to different ISPs then you cannot
> > > do it with any operating system or device save BGP - the idea is
> > > completely -stupid- to put it simply. If you think different,
> > > then explain why and I'll shoot every networking scenario
> > > you present so full of holes you will think it's Swiss cheese.
> > > And if you think you're going to run BGP I'll shoot that full
> > > of holes also.
> >
> > I strongly disagree. There are many reasons for this. Two of which are
> > increased throughput and redundancy. The primary problem is that you
> > need to make sure outgoing data for a connection is using the same line
> > as the incoming connection. If the majority to all connections are
> > outgoing and both lines use NAT and have unique IP addresses, it's
> > simpler to set up. If you have incoming connections as well, either only
> > one of the two lines will be used or you'll need BGP or some kind of
> > static route set up by the two ISPs. For an internet cafe, most
> > connections will probably be outgoing so it won't be a problem.
>
> That's not right at all, although in *some* cases
> it may be desirable. All upstream ISPs are
> connected to everyone on the internet, so it
> doesn't matter which you send your packets to
> (the entire point of a "connectionless" network).
> They both can forward your traffic to wherever
> it's going. For efficiency's sake, you may argue
> that sending to the ISP that sent you the traffic
> will be a "better path", but if one of your pipes
> is saturated and the other running at 20% then
> it's likely more efficient to keep your pipes
> filled and send to "either" ISP. You can achieve
> this with per-packet load-balancing with Ciscos,
> or bit-balancing with a product like ETs for
> FreeBSD. Unless your 2 ISPs are connected
> substantially differently (say if one is in
> Europe and one in the US), you'll do better
> keeping your pipes balanced, as YOU are the
> bottleneck, not the upstream, assuming you have
> quality upstream providers.

You are correct in the case of a normal router, but this is not a normal
router, this is an NAT router with two different incoming pipes with two
unique IP addresses. As far as each ISP is concerned, they are providing
bandwidth to a single computer that is not the same as the other ISP.
There is no information that connects the two together. With NAT, the
network behind is hidden and normal routing can't take place. Only
outgoing connections can take place, and the from address is modified to
be the same as the IP address on the pipeline it is leaving from.
Internet routers won't know that the other IP address is the same
computer and even if they did know, the NAT software on the router might
discard the packets because the data is arriving on the wrong interface.
Incoming connections work only if the router is set up to do port
forwarding.
The problem here with sharing the bandwidth is that each pipeline has its
own address and there is no way to specify an address of a computer
behind the router because each ISP has only allocated one address to
their customer and there are no entries in the routing tables for
computers behind them. Bandwidth sharing is possible with an NAT router,
but not connection sharing.

>
> Danial

-- 
I sense much NT in you.
NT leads to Bluescreen.
Bluescreen leads to downtime.
Downtime leads to suffering.
NT is the path to the darkside.
Powerful Unix is.

Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: CEE1 AAE2 F66C 59B5 34CA C415 6D35 E847 0118 A3D2
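
An added illustration, not part of the original message or thread: a small Python model of the dual-uplink NAT router described above, comparing per-connection pinning with per-packet balancing. The class name, flow tuples and addresses (documentation ranges) are constructed for the example; a connection that the remote end sees from two source addresses no longer matches a single NAT mapping.

```python
from collections import defaultdict

# Constructed sample data: one public address per ISP (documentation ranges)
# and three inside connections as (src_ip, src_port, dst_ip, dst_port).
UPLINKS = [("dsl0", "192.0.2.10"), ("dsl1", "198.51.100.20")]
FLOWS = [("10.0.0.5", 40001, "203.0.113.80", 80),
         ("10.0.0.6", 40002, "203.0.113.80", 80),
         ("10.0.0.7", 40003, "203.0.113.25", 25)]


class DualNatRouter:
    """Source-NAT router with two uplinks (hypothetical model)."""

    def __init__(self, per_packet):
        self.per_packet = per_packet
        self.state = {}      # inside flow -> uplink index, set on first packet
        self.counter = 0     # round-robin position

    def _next(self):
        idx = self.counter % len(UPLINKS)
        self.counter += 1
        return idx

    def send(self, flow):
        """Pick an uplink for one outgoing packet; return (ifname, source IP)."""
        if self.per_packet:
            idx = self._next()                   # ignore connection state
        else:
            if flow not in self.state:
                self.state[flow] = self._next()  # pin the whole connection
            idx = self.state[flow]
        return UPLINKS[idx]


def run(per_packet, rounds=4):
    """Interleave packets from all flows. Returns (split, load): the flows the
    remote end saw from more than one source address, and packets per uplink."""
    router = DualNatRouter(per_packet)
    seen, load = defaultdict(set), defaultdict(int)
    for _ in range(rounds):
        for flow in FLOWS:
            ifname, src_ip = router.send(flow)
            seen[flow].add(src_ip)
            load[ifname] += 1
    split = [f for f in FLOWS if len(seen[f]) > 1]
    return split, dict(load)


if __name__ == "__main__":
    for mode in (False, True):
        split, load = run(per_packet=mode)
        print("per-packet" if mode else "per-connection", load, "split:", len(split))
```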